//package cc.bookcloud.springboot3.auth.config;
//
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.jdbc.core.JdbcTemplate;
//import org.springframework.security.config.Customizer;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationConsentService;
//import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService;
//import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
//import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
//import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
//import org.springframework.security.web.SecurityFilterChain;
//import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
//
//import javax.sql.DataSource;
//
//@EnableWebSecurity
//@Configuration
//public class AuthServerConfig_bak {
//
//    // 1. 客户端信息从数据库读取（oauth2_client表）
//    @Bean
//    public RegisteredClientRepository registeredClientRepository(DataSource dataSource) {
//        return new JdbcRegisteredClientRepository(new JdbcTemplate(dataSource));
//    }
//
//    // 2. 授权记录存储到数据库（oauth2_authorization表）
//    @Bean
//    public JdbcOAuth2AuthorizationService authorizationService(DataSource dataSource, RegisteredClientRepository clientRepository) {
//        return new JdbcOAuth2AuthorizationService(new JdbcTemplate(dataSource), clientRepository);
//    }
//
//    // 3. 授权同意记录存储（oauth2_authorization_consent表）
//    @Bean
//    public JdbcOAuth2AuthorizationConsentService authorizationConsentService(DataSource dataSource, RegisteredClientRepository clientRepository) {
//        return new JdbcOAuth2AuthorizationConsentService(new JdbcTemplate(dataSource), clientRepository);
//    }
//
//    // 4. 授权服务器端点配置（如/oauth2/authorize, /oauth2/token）
//    /**
//     * @author CoderJia
//     * @create 2024/10/13 下午 01:57
//     * @Description
//     **/
//
//        @Bean
//        public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
//            http
//                    .csrf(Customizer.withDefaults())
//                    .authorizeHttpRequests(auth -> auth
//                            .requestMatchers("/login", "/login/**", "/css/**", "/js/**").permitAll()  // 公开访问
//                            .requestMatchers("/admin/**").hasRole("ADMIN")   // 只有 ADMIN 角色可以访问 /admin 目录下的资源
//                            .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")  // USER 和 ADMIN 角色都可以访问 /user 目录下的资源
//                            .anyRequest().authenticated()  // 其他接口需认证
//                    )
//                    .formLogin(form -> form
//                            .loginPage("/login")
//                            .permitAll()
//                    )
//                    .logout((logout) -> logout
//                            .logoutRequestMatcher(new AntPathRequestMatcher("/logout", "GET"))
//                    )
//                    .httpBasic(Customizer.withDefaults());  // 使用 HTTP Basic 认证
//            return http.build();
//        }
////    @Bean
////    public SecurityFilterChain authServerSecurityFilterChain(HttpSecurity http) throws Exception {
////        OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
////        // 未登录时重定向到Spring Security默认登录页
////        http.exceptionHandling(e -> e.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")));
////        return http.build();
////    }
//    // 5. 授权服务器基础设置
//    @Bean
//    public AuthorizationServerSettings authorizationServerSettings() {
//        return AuthorizationServerSettings.builder().build();
//    }
//
//}